Fallback secret option partially working

Checklist

• I have looked into the Readme and the documentation, and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

I have enabled the use of fallback_secret to login directly to WP via ./wp-login.php

When used without ?auth0_fb=XXXX... I get directed to Auth0 ✅
When I use ?auth0_fb=XXXX... I get directed to the WP login page ✅
When I then enter my credentials and click "Log In" I get directed to Auth0... ❌

Auth0 otherwise works fine after spending some time hacking around the install via composer. This is a virgin WP install on an AWS Linux 2023 EC2 instance.

What information can I provide to help look into this further?

Reproduction

When used without ?auth0_fb=XXXX... I get directed to Auth0 ✅
When I use ?auth0_fb=XXXX... I get directed to the WP login page ✅
When I then enter my credentials and click "Log In" I get directed to Auth0... ❌

Additional context

No response

wp-auth0 version

5.2.0

WordPress version

6.5.3

PHP version

8.2.15

[blakmarkit]

I noticed this too, but I thought I had just configured it wrong—it wasn't a huge deal for the way I was using it.

[sweber83]

When the wp login form posts its credentials to wp-login.php the onLogin() method runs all the way to the end, where we are redirected to the auth0 form.

wordpress/src/Actions/Authentication.php

Line 549 in 169e917

wp_redirect($this->getSdk()->login());

Looks like a bug to me.
onLogin() should probably return, if the log & pwd post vars are set.